The days when technology chiefs could focus simply on hardware and software are gone. For technology leaders, aligning IT with long-term strategy and attracting and nurturing a winning team has become key in a world where customer expectations are growing, and the pace of change continues to accelerate.

Today’s technology businesses need to think strategically at the local, national, and global level. Many companies run business online or mobile first and are getting creative and competitive advantages from collecting and analyzing consumer data. This provides both opportunities and challenges: on one hand, companies can get access to global customers fast, yet they are also facing competitors both at home and abroad, not to mention threat actors who could be located anywhere and can come at you with sophisticated attacks. It’s your talent against theirs – with your enterprise and your customers in the middle.

At TCV, we’ve been focused on talent and culture as critical success factors for more than 20 years. Many of our investments have turned on building or sustaining successful cultures and nurturing them with the right people. For this year’s invitation only CTO/CIO Summit we decided to look at talent and culture together with the challenges of globalizing and securing the enterprise. We brought together over 40 technology executives, including founders, product leaders, TCV partners, and — of course — CTOs and CIOs, in Half Moon Bay, CA, for an opportunity to build peer relationships, learn from shared experiences, and discuss top-of-mind issues facing these leaders. We also mixed up the “talent” for the event itself, drawing not only on working CTOs and CIOs but also career IT experts with consulting and investing experience across multiple industries.

For us, the most important part of the two-day event was gaining a deeper understanding of both the challenges and opportunities technology executives need to balance, including:

Winning the Talent Wars and Creating a Winning Culture

Building a Globally Distributed Organization

Privacy and Identity Initiatives and Securing the Enterprise

Our agenda centered around best practices in scaling a global organization. Other topics we discussed included how to integrate acquisitions and best practices in managing a global workforce.

Here are the highlights:

Over dinner, Zillow CTO Dave Beitel spoke about how technology has transformed the real estate industry. Dave joined Zillow in 2005 and has seen the company grow, both organically and with 13 acquisitions in the last 12 years. Dave explained the importance of creating a strong culture across multiple locations and laying out paths to career development to motivate teams as organizations scale. He also provided advice on a common challenge that many growing companies face, particularly how to integrate offshore teams and make them an extension of existing efforts rather than adjacent resources. He also discussed with the group how to achieve success in scale with multiple office locations and different cultural identities.

Tim McAdam led the next day’s first panel with Victoria Schillinger, VP of HR at Alarm.com; Caroline Horn, Partner at Andreessen Horowitz; Michael Morell, Managing Partner at Riviera Partners; and Jonathan Schoonmaker, SVP of HR at FinancialForce. Their topic: winning the talent wars against today’s tech giants. The practical tips flowed freely, starting with university recruiting. Pick a few schools and work them, including both Ivy League schools and state colleges. Build relationships with influential faculty. Introduce your brand to younger students, not just seniors. When they become interns, give them meat to work on, not crumbs – having an impact is what they value most. If they turn down an offer, wait 2-3 years and call again – they may not be having the impact they expected at that big company they chose. Retaining key talent has to be proactive. Sit people down and map out how they will develop themselves and increase their impact by staying with you. Give them management opportunities so they can imagine themselves as leaders. Don’t expect diversity to walk in the door — look for talented, highly motivated people who come from completely different fields such as law or the military. And finally, the 90 days after a new hire starts are more important than the 90 days spent hiring them. Set them up for quick wins, build in plenty of touch-points, and make sure they’re comfortable in the culture.

Ted Coons continued the conversation with a focus on talent and culture, talking with Kameron Kordestani, a partner at McKinsey & Company, and Otto Berkes, CTO of CA Technologies, about building a globally distributed company. Both speakers separated the “artifacts” of culture – posters, slogans, logos – from its essence: ways of working that make the organization succeed. People who embody those essentials should be made ambassadors to new acquisitions or newly built development centers, so that people new to your culture can experience it live. When new team members absorb it, they should be given broader responsibilities in the combined company – this leverages their talent and inspires their original team. Particularly after M&A, the acquired team needs to understand its role and contribution to the combined entity; this should happen quickly and positively. Pay for travel if you can; people in far-flung organizations form bonds faster when they meet in person. Both Otto and Kam warned against sticking too closely to integration playbooks, particularly when the acquired technology is new or different. Sometimes a talent-rich team should not be integrated rapidly. Don’t compromise on security or safety but take time to observe how they work before you impose on a new team – the last thing you want to do is spoil an acquisition by how you integrate it.

TCV EIR Jonathan Shottan, Manmeet Singh, Co-founder and CEO of Dataguise and Pablo Jensen, CTO of Sportradar pulled back the curtain on Europe’s General Data Protection Regulation (GDPR) and California’s new privacy laws. Simply put, GPDR is about What, Where and Why: What private data do you have? Where is private data stored? Why do you need to process that private data? Both the compliance challenge and market opportunity of the new regulations are huge and what unites them is the challenge of identifying the vulnerabilities. Many companies mistakenly believe they are compliant, because they encrypt and segregate various types of customer data physically or in the cloud; but when they bring data types together for analysis, they create “PII” – personally identifiable information. The new laws also require companies to delete data if customers demand it, but that’s likely to create havoc with legacy database applications built on relational technology. And how do you delete older data stored on physical media? Enter data masking, at production scale, to stand in for deletion and encryption. First movers — with enough IT spend on decoupling, segregating, and masking data — may even competitively enhance their brands as “more secure” than others.

After lunch, Ted Coons and Charles Beadnall, CTO of GoDaddy, delved into the transformation of GoDaddy’s culture, a process that started back in 2013. Engineers loved the company’s mission of providing small businesses with a home on the internet, but deterrents included fly-over geography, aging facilities and sensationalist marketing. With a new CEO – and marketing campaign – GoDaddy began recruiting heavily. The challenge was forming a new culture that welcomed both existing employees and a flood of new developers in ways that produced better products, faster. Charles employed a version of the 80/20 rule: if he could populate 20% of a department with more diverse people who modeled the right behaviors, they would tip over the rest. The company hired people based on referrals, recruited many female graduates from local universities and placed experienced diverse hires in senior IT roles. Charles also drew in Ph.D.s from MIT and spent time with teams around the globe to transform a culture while keeping the company focused on growth.

Matt Robinson led the day’s final session on securing the enterprise with Amir Ben-Efraim, co-founder and CEO of Menlo Security; Rob Fry, VP of Engineering at JASK; Robert West, Managing Director at Deloitte LLP; and Christian McCarrick, VP of Engineering at Auth0. Matt first asked the panel how CIOs and CTOs should differentiate among today’s legions of security providers. Recommendations included assessing your vulnerabilities so you’re asking the right questions, getting referrals from peers, and anticipating the inevitable consolidation among security providers. Not every company needs an industry giant – those companies were startups once, and today’s upstarts may have superior technology. The panel then discussed prioritizing among today’s proliferating threats. Getting governance in place is critical – if no one fully owns the security portfolio, priorities will be set for the wrong reasons. If the role falls to you as CTO or CIO, you must be (or become) a good storyteller to convey the threats to your company and build consensus on addressing them. It’s also vital to recognize that malware will get inside your systems, but it won’t be the end of the world if you’re prepared. Ultimately the biggest weakness of all security systems is the human element. Education and training are essential and need to be on the agenda regularly. In addition, Amir argued that companies should hold vendors to a higher standard, aiming to receive 100% efficacy to keep companies protected.

We are grateful for all the valuable insights our speakers shared with attendees and the TCV community we strive to create. We look forward to exploring new topics and connections during our next TCV event.

###

The views and opinions expressed are those of the CTO/CIO Summit speakers and do not necessarily reflect those of TCMI, Inc. or its affiliates (“TCV”). This summary is not an offer to sell or the solicitation of an offer to purchase an interest in any private fund managed or sponsored by TCV or any of the securities of any company discussed. Not all companies discussed above are TCV portfolio companies. Any TCV portfolio companies discussed above are not necessarily representative of all TCV investments, and no assumption should be made that the investments identified were or will be profitable. For a complete list of TCV investments, please visit www.tcv.com/all-companies/. For additional important disclaimers regarding this document, please see “Informational Purposes Only” in the Terms of Use for TCV’s website, available at http://www.tcv.com/terms-of-use/.

The specific companies identified above may not be representative of all of TCV’s investments and no assumption should be made that the investments identified were or will be profitable. For a complete alphabetical list of TCV investments (excluding certain public company investments), click here. Navigation beyond the homepage implies acceptance of the Terms of Use and our Privacy Policy.